CyCognito Inc today announced its research team has uncovered a significant Cross-Site Scripting (XSS) vulnerability on the web admin interface of Cisco small business router models RV042 and RV042G. Cisco routers are popular around the world, and the company has approximately 50% market share in the router and switch market globally. This vulnerability gives attackers an easy path for taking control of a router administrator’s web configuration utility, a position that allows them to perform all admin actions, from viewing and modifying sensitive information to taking control of the router or moving laterally to gain access to other systems.
The CyCognito platform discovered the Cisco vulnerability, which was subsequently verified by the CyCognito Research Team and then by Cisco. The platform detected the Cisco router XSS vulnerability when mapping the attack surface of a CyCognito customer that was using one of the Cisco small business routers, and the research team quickly realized the CyCognito platform had found a never-before-reported vulnerability, also known as a “zero-day” vulnerability.